92514f4daa242f4b54f517897333f17ceff7a0beec776ba62fecec4e284aaa71_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

92514f4daa242f4b54f517897333f17ceff7a0beec776ba62fecec4e284aaa71_NeikiAnalytics.exe
Size

15KB
MD5

7b6430eaf26a0099bc70265addc587e0
SHA1

d59e00220a0f829195f43dc3bd0a3714d12b6642
SHA256

92514f4daa242f4b54f517897333f17ceff7a0beec776ba62fecec4e284aaa71
SHA512

72bceb886aee8406e26a47655393911c7cc68724e7211c5cc6bcaff20d67e4e62a541a2ae7df88dcaa0dc0a2d091085efdd2f75620a483b7f280184c448204fe
SSDEEP

384:ad1x2JQ++jiPV8t6eE3tOzFv0HB8jVKlxey2AS:noj8o6BOFCB8jVKlxey2AS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
92514f4daa242f4b54f517897333f17ceff7a0beec776ba62fecec4e284aaa71_NeikiAnalytics.exe

Files

92514f4daa242f4b54f517897333f17ceff7a0beec776ba62fecec4e284aaa71_NeikiAnalytics.exe
.sys windows:6 windows x64 arch:x64

92ffc50a404a75563ed1968098aa7847

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

y:\ddk_build\driver_micro_sd\virtualscreader\scsdvreaderbus\objfre_win7_amd64\amd64\scsdvrbus.pdb

Imports

ntoskrnl.exe

RtlAnsiCharToUnicodeChar
KeBugCheckEx
RtlInitUnicodeString
ExFreePoolWithTag
RtlCopyUnicodeString
ExAllocatePoolWithTag

wdfldr.sys

WdfVersionBindClass
WdfVersionBind
WdfVersionUnbind
WdfVersionUnbindClass

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1024B - Virtual size: 614B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ